﻿@ViewBag.Test1
@ViewBag.Test2
<br />
<h2><a href="/xssurl.html">6.Razor的简单接触2</a></h2>
<h2><a href="@Url.Action("XssUrl", "Index", new { name=ViewBag.Test})">6.Razor的简单接触2</a></h2>
<br />

<button id="xss">Ajax方式</button>
<p id="main"></p>
<script src="//cdn.bootcss.com/jquery/1.10.2/jquery.min.js"></script>
<script type="text/javascript">
    $('#xss').click(function () {
        //$('#main').html('@ViewBag.Test2');
        $('#main').html('@Ajax.JavaScriptStringEncode(ViewBag.Test2)');
    });
</script>